From 2cba23941705d5bc993e7fb5aa310b1d6409f27c Mon Sep 17 00:00:00 2001 From: SimolZimol <70102430+SimolZimol@users.noreply.github.com> Date: Fri, 6 Sep 2024 16:00:18 +0200 Subject: [PATCH] modified: app.py --- app.py | 121 +++++++++++++++++++++++---------------------------------- 1 file changed, 48 insertions(+), 73 deletions(-) diff --git a/app.py b/app.py index 0e07383..07cf2a6 100644 --- a/app.py +++ b/app.py @@ -93,6 +93,25 @@ def make_discord_session(token=None, state=None): scope=["identify"] ) +def is_admin(): + """Überprüft, ob der Benutzer Admin-Rechte hat.""" + if "discord_user" in session: + user_info = session["discord_user"] + user_id = user_info["id"] + + # Überprüfe die Admin-Rechte des Benutzers + connection = get_db_connection() + cursor = connection.cursor(dictionary=True) + + cursor.execute("SELECT permission FROM user_data WHERE user_id = %s", (user_id,)) + user_data = cursor.fetchone() + + cursor.close() + connection.close() + + if user_data and user_data["permission"] >= 8: + return True + return False @app.route("/") def landing_page(): @@ -183,7 +202,7 @@ def admin_dashboard(): return render_template("admin_dashboard.html", user_info=user_info) else: return redirect(url_for("user_dashboard")) - return redirect(url_for("login")) + return redirect(url_for("landing_page")) @app.route("/user_dashboard") def user_dashboard(): @@ -204,7 +223,7 @@ def user_dashboard(): return render_template("user_dashboard.html", user_info=user_info, user_data=user_data) else: return "User data not found", 404 - return redirect(url_for("login")) + return redirect(url_for("landing_page")) @app.route("/logout") def logout(): @@ -215,21 +234,24 @@ def logout(): @app.route("/start_bot") def start(): - if "username" in session: + if is_admin(): + user_info = session["discord_user"] start_bot() - return redirect(url_for("admin_dashboard")) - return redirect(url_for("login")) + return render_template("admin_dashboard", user_info=user_info) + return redirect(url_for("landing_page")) + @app.route("/stop_bot") def stop(): - if "username" in session: + if is_admin(): + user_info = session["discord_user"] stop_bot() - return redirect(url_for("admin_dashboard")) - return redirect(url_for("login")) + return render_template("admin_dashboard", user_info=user_info) + return redirect(url_for("landing_page")) @app.route("/settings", methods=["GET", "POST"]) def settings(): - if "username" in session: + if is_admin(): if request.method == "POST": introduction = request.form.get("introduction") asknotes_introduction = request.form.get("asknotes_introduction") @@ -245,12 +267,12 @@ def settings(): asknotes_introduction = load_text_file(ASKNOTES_INTRO_FILE) return render_template("settings.html", introduction=introduction, asknotes_introduction=asknotes_introduction) - return redirect(url_for("login")) + return redirect(url_for("landing_page")) @app.route("/users") def users(): """Zeigt eine Liste aller Benutzer an.""" - if "username" in session: + if is_admin(): connection = get_db_connection() cursor = connection.cursor(dictionary=True) @@ -260,12 +282,12 @@ def users(): cursor.close() connection.close() return render_template("users.html", users=users) - return redirect(url_for("login")) + return redirect(url_for("landing_page")) @app.route("/ban_user/") def ban_user(user_id): """Banned einen Benutzer.""" - if "username" in session: + if is_admin(): connection = get_db_connection() cursor = connection.cursor() @@ -280,12 +302,12 @@ def ban_user(user_id): finally: cursor.close() connection.close() - return redirect(url_for("login")) + return redirect(url_for("landing_page")) @app.route("/update_points/", methods=["POST"]) def update_points(user_id): """Aktualisiert die Punkte eines Benutzers.""" - if "username" in session: + if is_admin(): points_change = int(request.form["points_change"]) connection = get_db_connection() cursor = connection.cursor() @@ -301,12 +323,12 @@ def update_points(user_id): finally: cursor.close() connection.close() - return redirect(url_for("login")) + return redirect(url_for("landing_page")) @app.route("/unban_user/") def unban_user(user_id): """Entbannt einen Benutzer.""" - if "username" in session: + if is_admin(): connection = get_db_connection() cursor = connection.cursor() @@ -321,12 +343,12 @@ def unban_user(user_id): finally: cursor.close() connection.close() - return redirect(url_for("login")) + return redirect(url_for("landing_page")) @app.route("/update_role/", methods=["POST"]) def update_role(user_id): """Aktualisiert die Rolle (Berechtigung) eines Benutzers.""" - if "username" in session: + if is_admin(): new_permission = request.form["permission"] connection = get_db_connection() cursor = connection.cursor() @@ -342,80 +364,33 @@ def update_role(user_id): finally: cursor.close() connection.close() - return redirect(url_for("login")) + return redirect(url_for("landing_page")) @app.route("/logs") def view_logs(): """Zeigt die Logs des Bots im Admin-Panel an.""" - if "username" in session: + if is_admin(): return render_template("logs.html") - return redirect(url_for("login")) + return redirect(url_for("landing_page")) @app.route("/get_logs") def get_logs(): """Liest den Inhalt der Log-Datei und gibt ihn zurück.""" - if "username" in session: + if is_admin(): try: with open(LOG_FILE_PATH, 'r', encoding='utf-8') as file: logs = file.read() return jsonify({"logs": logs}) except FileNotFoundError: return jsonify({"logs": "Log file not found."}) - return redirect(url_for("login")) - -def get_bot_statistics(): - """Berechnet grundlegende Statistiken für den Bot.""" - connection = get_db_connection() - cursor = connection.cursor(dictionary=True) - - # Beispielabfragen, anpassen je nach Datenbankstruktur - cursor.execute("SELECT COUNT(*) AS total_messages FROM chat_history") - total_messages = cursor.fetchone()["total_messages"] - - cursor.execute(""" - SELECT command_name, COUNT(*) AS usage_count - FROM command_log - GROUP BY command_name - ORDER BY usage_count DESC - LIMIT 1 - """) - most_used_command = cursor.fetchone()["command_name"] - - cursor.close() - connection.close() - - return { - "total_messages": total_messages, - "most_used_command": most_used_command, - } + return redirect(url_for("landing_page")) @app.route("/download_logs") def download_logs(): """Bietet die Log-Datei zum Download an.""" - if "username" in session: + if is_admin(): return send_file(LOG_FILE_PATH, as_attachment=True) - return redirect(url_for("login")) - -import shutil - -ARCHIVE_DIR = "archive_logs" -if not os.path.exists(ARCHIVE_DIR): - os.makedirs(ARCHIVE_DIR) - -@app.route("/archive_logs", methods=["POST"]) -def archive_logs(): - """Archiviert die aktuelle Log-Datei und beginnt eine neue Log-Datei.""" - if "username" in session: - if os.path.exists(LOG_FILE_PATH): - timestamp = datetime.now().strftime('%Y-%m-%d_%H-%M-%S') - archive_file = os.path.join(ARCHIVE_DIR, f"log_{timestamp}.log") - shutil.move(LOG_FILE_PATH, archive_file) - with open(LOG_FILE_PATH, 'w', encoding='utf-8') as file: - file.write("") # Neue leere Log-Datei starten - return jsonify({"status": "success", "message": "Logs archived successfully."}) - else: - return jsonify({"status": "error", "message": "Log file not found."}) - return redirect(url_for("login")) + return redirect(url_for("landing_page")) if __name__ == "__main__": app.run(host="0.0.0.0", port=5000, debug=True)